URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	7octubredc.duckdns.org
Domain registrar:	Gandi
Domain registration date:	2013-04-12 19:58:56 UTC
Abuse complaint sent?:	Yes (2025-10-23 03:54:01 UTC to abuse{at}duckdns[dot]org)
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Blocked
DNS4EU :	Blocked
Control D HaGeZi :	Not blocked
Firstseen:	2025-10-23 03:53:04 UTC
Total malware sites :	5
Online malware sites :	0 (0%)
Offline Malware sites :	5 (100%)
A record(s) observed :	2

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2025-10-31 17:55:50	186.169.69.76		Not listed	AS3816 COLOMBIA_TELECOMUNICACIONES_S.A._ESP_BIC	CO	yes
2025-10-23 03:53:11	186.169.46.112		Not listed	AS3816 COLOMBIA_TELECOMUNICACIONES_S.A._ESP_BIC	CO	no

Malware URLs

• URLs
• Payloads

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2025-11-01 07:55:27	http://7octubredc.duckdns.org/pchichi.txt	Offline	opendir rev-base64-loader	BlinkzSec
2025-11-01 07:55:25	http://7octubredc.duckdns.org/dllchichi.txt	Offline	base64-loader DEU geofenced opendir	BlinkzSec
2025-10-23 03:53:19	http://7octubredc.duckdns.org/sostener.vbs	Offline	DEU geofenced opendir RemcosRAT	BlinkzSec
2025-10-23 03:53:11	http://7octubredc.duckdns.org/31agosto.vbs	Offline	DEU geofenced opendir RemcosRAT	BlinkzSec
2025-10-23 03:53:11	http://7octubredc.duckdns.org/andre.vbs	Offline	DEU geofenced opendir RemcosRAT	BlinkzSec

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Bazaar	Signature
2025-11-12 00:43:50	07ff969de6708f67279704fffc22e4f903befdf92fb7e12b9a14489b18838ff4	txt
2025-11-11 23:16:43	07ff969de6708f67279704fffc22e4f903befdf92fb7e12b9a14489b18838ff4	txt
2025-11-10 19:41:20	cb0ec11df5fb97d727bea30c9d207c70cb6508e3159b2a9d9dad062d39d78750	txt
2025-11-07 04:48:56	613eeafd890461b83c122f46212263b2698413aacd117a07916883bff710d4d8	txt		RemcosRAT
2025-11-06 23:09:24	613eeafd890461b83c122f46212263b2698413aacd117a07916883bff710d4d8	txt		RemcosRAT
2025-11-05 23:39:53	e2ae3121af3fd9874ba17612b0c012ca1962dfd918cc1d479384dad7bf469c64	txt		RemcosRAT
2025-11-05 18:35:33	cdf18dce59da13a347c6d2d60a0bf6190228b46e595863308769a1cb34ca5fd0	txt		RemcosRAT
2025-11-01 08:00:20	3c803751fb9d3b5c1a692674832792ab921752b389f7cf2015097a001194d981	txt
2025-11-01 07:55:25	5c53700dd0af623314c44fb4d22e250766bd3f57ad86be0c15f2536c44339c5d	txt
2025-10-31 23:17:50	71fc5b649c4ca8ada3d1b6cfdcc52337504238fcc4a705d967f6a4e54b49d4d5	txt
2025-10-29 22:49:19	09106cfe70aef62ac9c44088a6f3522fb9fa3868e5a2bdc331c4fb0b5bf84e4e	txt
2025-10-28 17:33:14	f49e6e84c10ffdd05fcd7f49c6616f25f9385710009bc3dab7cc35bb212676d0	txt		RemcosRAT
2025-10-28 05:50:21	859de7f0b61c2ce5e61b9737583fb72a80b0219c13c200a2d0de3e0da7f38307	txt		RemcosRAT
2025-10-27 22:03:06	f49e6e84c10ffdd05fcd7f49c6616f25f9385710009bc3dab7cc35bb212676d0	txt		RemcosRAT
2025-10-27 16:29:10	2612e4114bd164430b644d83bfc3f3ad50b160a245af5c9e30d5f96de84c8ff2	txt		RemcosRAT
2025-10-25 00:19:54	29258ce3918dd64f9c36bcec4d356f3b3c7b58b90141d8b14d35d94c42d79be4	txt		RemcosRAT
2025-10-23 22:00:58	79cb8e37238bd08ef54dd85c868a7b7b5062d3275820a9b541ac5219e2f78ccb	txt		RemcosRAT
2025-10-23 03:53:19	c884f32c87fc6ad239d98d00c37a8eb1cad4a38abb2d7e7bc6575339b7ba01da	txt
2025-10-23 03:53:11	7b7471de1ffb467bcabc40ed0d2bf08f0a255bb3c0f4f2e7babf0540d7ed99f5	txt
2025-10-23 03:53:11	b835e4e06da50e5f51090c7a7e942d77c0b0f72a2e4ec73adb1c4f92e0de9955	txt		RemcosRAT